BlockThreat - Week 33, 2020

A major victory was scored by DoJ with its large scale bust of cryptocurrency schemes used by terror groups. OKEx publishes their 51% attack incident notes, Tor network is under attack to steal crypto, and lots of interesting research articles in this week’s edition.

News

• Department of Justice made announcement of the largest seizure of terrorist’s organizations’ cryptocurrency accounts. Civil complaints includes large caches of evidence and schemes used by the perpetrators including detailed analysis of blockchain activity.

Hacks

• Incident Report by OKEx on the recent ETC 51% attack which resulted in 807,260 ETC to be double spent. The report includes detailed analysis of attacker’s addresses and timeline.
• An ongoing Sybil attack on Tor’s exit nodes attempts to intercept and tamper with traffic to Bitcoin mixer services in order to steal cryptocurrencies.

Vulnerabilities

• A flaw in Ledger hardware wallet could allow funds theft through social engineering.

Research

• Play-by-play analysis of events leading up to and following the Steem takeover by Tron. This is a great case study into future PoS attacks.
• An interesting report into a variety of threats faced by exchanges related to key management. It uses flaws discovered in tss-lib as a case study for such attacks.
• Tracking down Bitcoin ransom from CWT ransomware compromise.
• Security checklists for Ethereum smart contract development: patterns and best practices

Thanks for joining me this week and see you in another edition of Blockchain Threat Intelligence newsletter.

-Peter